Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
  • H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
  • H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
  • H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash

Definitions

• the invention relates to a security module.
• the invention further relates to a method for creating counterfeit-proof documents, input data being input into a data input of a security module.
• the invention has for its object to provide a security module with which tamper-proof documents can be generated.
• a security module is designed in such a way that it contains a data input, through which information can be entered into the security module, that the security module contains at least two data outputs, data which can be output by a first data output a certification body is transmitted and wherein data is output through a second data output that can be transferred to a document to be output that the security module contains at least two combination machines, a first of the combination machines generating a result value for the first data output and a second combination machine a result value generated for the second data output.
• the Security module is designed so that it contains a secret generator that generates an unpredictable secret.
• Secret generator is connected to the first combination machine and / or the second combination machine such that a secret generated by the secret generator enters the first combination machine and / or the second combination machine.
• the security module is designed so that it is a billing, in particular a billing of services, takes place.
• a further increase in data security can advantageously be achieved in that the security module contains at least one encryption machine which encrypts an initial value of one of the combination machines.
• the encryption machine is connected to a key register, with at least one value contained in the key register in the
• Encryption machine can be used for encryption.
• a practical implementation of the security module is characterized by the fact that it contains a hash machine.
• FIG. 1 shows a basic illustration of a security module suitable for creating counterfeit-proof documents.
• the security module shown in FIG. 1 has a data input through which information can be input into the security module.
• the security module also has two data outputs DA1 and DA2.
• the first data output DA1 can be used to output data which are transmitted to an external body, for example a certification body.
• the second data output DA2 allows data to be transferred to a document to be output.
• the security module also has at least two combination machines K1, K2.
• the first combination machine K1 produces a result value for the first data output DA1.
• the second combination machine K2 generates a result value for the second data output DA2.
• the security module also contains at least one Secret generator GG that generates an unpredictable secret.
• the secret generator is connected to both the first combination machine K1 and the second combination machine K2.
• the connection between the secret generator GG and the combination machine K2 is preferably made via a buffer.
• the buffer preferably has the function of temporarily storing the secret generated in the secret generator.
• the security module also contains an identification register which is connected to the first combination machine K1 such that a value of the identification register is entered into a data combination output by the first combination machine.
• Encryption machine is programmed so that it encrypts an output value of one of the combination machines, in the case shown the combination machine Kl.
• the key length is preferably at least 128 bit, expediently significantly more, for example at least 1024 bit, RSA.
• the hash value is preferably generated according to the SHA-1 standard.
• the hash machine irreversibly links the data it has entered with a secret. This results in an identical result when the same data is repeatedly linked in the same way, without being able to draw any conclusions about the secret.
• the secret is preferably temporary, since this increases security. However, this is not necessary. For example, the secret can be permanently entered in a data memory.
• the security module is equally suitable for other encryption purposes. It is particularly useful to use the security module to generate counterfeit-proof documents.
• the term tamper-proof documents is not to be understood in any way restrictive.
• the forgery-proof documents can also be tickets or entrance tickets.
• the possibility of carrying out each individual document generation on the basis of individual data means that one-off documents such as personal ID cards, place cards or lists with personalized values can also be generated.
• the security module preferably processes customizable information, for example certificates and digitally signed licenses.
• a digital signature is a seal for digital data generated with a private signature key, which, with the help of an associated public key, which is provided with a signature key certificate, reveals the holder of the signature key and the authenticity of the data (see SigG ⁇ 2, Paragraph 1).
• a test center is able to check the digital signature of a document manufacturer and thus both its identity and the genuineness of the data contained in the document if you have the public signature key of the document manufacturer, who provided it with a signature key certificate is available.
• Each security module produced is "digitally licensed" by the customer system manufacturer.
• the certification body creates its own signed communication license in the same format for communication with the security modules.
• the security module internally generates a pair of keys, the public key P SB (Public Key) of which is digitally licensed using the private signature key of the customer system provider Si (issuer).
• P SB Public Key
• the public key of the customer system provider Pi is just like the public key of the certification body of the
• CA Certification body
• the security module contains a private key of the security module, a public key of the security module and a license of the public key of the security module signed by the customer system provider (issuer).
• At least one private key of the certification body and one public key of the certification body are preferably available in the certification body.
• the security module checks the validity of the signed license, for example by contacting a certification body.
• the certification body checks the validity of the signed license of a security module - and thus the identity of the customer system provider (issuer) via the identity of the natural person responsible for the customer system provider by entering an attribute in the certificate - by contacting the certification body.
• the issuer of the signature cards ensures that the corresponding attributes (e.g. procuration to issue licenses for security modules) are only assigned in coordination with the agency to which the tamper-proof documents are submitted. Regular exchange of the key pair of the security module is not necessary, but is possible.
• the envisaged period of validity of the keys is as long as possible in order to increase user-friendliness.
• the validity period of the keys of the security module is preferably from several months to years, with values between three months and 15 years being possible.
• the period of validity is preferably between 3 years and 10 years, with approximately 6 years being particularly suitable.
• the customer system manufacturer is entitled to change the keys with which he digitally licenses the licenses of the security modules issued at any time.
• the customer system manufacturer is obliged to change the signature key with which he digitally signs the licenses of the security modules issued after one year at the latest and to have the old signature key blocked.
• the customer system manufacturer marks the signature key in coordination with the certification body.
• a body authorized to check the forgery-proof documents rejects transactions if a key is found to be corrupt. If the security module is used to produce counterfeit-proof postage stamps, the authority authorized to check the documents is the postal service operator, for example Deutsche Post AG. In this case, corruption of a key of a customer system provider results in an immediate post-side rejection of all transactions with security modules of the customer system manufacturers whose signed licenses were produced with this key.
• the keys of the certification body can be changed at any time without the need for changes in the customer systems.
• a certification process is explained below using symmetrical keys from the certification body.
• Symmetrical keys allow very fast encryption and decryption.
• the use of symmetrical keys requires that the sender's key and the receiver's key match.
• symmetrical keys can be used if the certification body has sufficient storage capacity for the individual keys that match the respective customer systems.
• asymmetric keys provides that the sender encrypts the message with the recipient's public key and that the recipient decrypts the message with his private key.
• symmetrical or asymmetrical keys must be used. In principle, however, the methods shown can be used with both symmetrical and asymmetrical keys respectively .
• the security module must essentially perform the following tasks for initialization, communication with the certification body and deactivation:
• Verification of a certificate by requesting the certification body Verification of a certificate by requesting the certification body.
• Asymmetric encryption Encryption of data with a verified public key of a communication partner.
• Formation of a hash value for example according to SHA-1, from the shipment-specific data transmitted by the customer system and the stored random number.
• the security module preferably works together with a digital value exchange.
• This stock exchange can be integrated into the security module or housed separately become.
• a separate accommodation is, for example, in a digital wallet (digital wallet).
• the storage ensures that only amounts actually available are used. When used, for example, in which a hash value is formed, the amount and thus also the register value assigned to it is reduced.
• Digital signature of the shipment-specific data Generation and output of the digital signature of the shipment-specific data with each hash formation of the shipment-specific data.
• the aim of the security module is to guarantee the confidentiality and integrity of information that is stored and processed in the security module within a customer system.
• compliance with and certification is based on a prior specified security level, for example according to a security level specified by FIPS PUB 140 (FIPS PUB 140: "Security Level”), expedient.
• FIPS PUB 140 Security Level 4
• the recommended security level for the implementation is FIPS PUB 140, Security Level 3, because this combines high data security with low handling effort.
• the security module is manufactured and initialized in a shielded environment in accordance with a security standard agreed with Deutsche Post.
• the risk of corruption of the signature key used to generate the signed licenses of the security modules produced is minimized by checks.
• a key pair is generated, a public key for generating the signed license is issued by the customer system provider, a signed license of the security module (including the security module ID) is saved in the security module and the attribute entry is saved in an inserted certificate. Activation of the security module by the customer system
• the security module In order to activate the security module from the customer system, the security module is requested to transfer its signed license (including its public key P SB ) and a random number X a u th with a length of 16 bytes to the customer system.
• the random number is used in particular to protect replay attacks if there is an unsecured transfer value between the keyboard of the customer system and the security module, for example in Internet solutions with a central security module server on the Internet and decentralized PCs as input terminals for login information such as PIN) ,
• the security module After the authentication of the customer system / customer, the security module reads the current identification number of the loading process, the previous identification number, the current value amount and the validity of the value and transfers them to the basic system. This user may change these values (FIPS PUB 140: role) in this usage option does not exist for users (FIPS PUB 140: Service).

Landscapes

• Engineering & Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• Computer Networks & Wireless Communication (AREA)
• Signal Processing (AREA)
• Storage Device Security (AREA)
• Combined Controls Of Internal Combustion Engines (AREA)

Priority Applications (8)

Applications Claiming Priority (4)

Publications (2)

Family

ID=26005482

Family Applications (1)

Country Status (8)

Families Citing this family (4)

Family Cites Families (11)

• 2000
  • 2000-10-05 AU AU19923/01A patent/AU767866B2/en not_active Ceased
  • 2000-10-05 WO PCT/DE2000/003506 patent/WO2001025879A2/de not_active Ceased
  • 2000-10-05 CA CA002425176A patent/CA2425176A1/en not_active Abandoned
  • 2000-10-05 JP JP2001528774A patent/JP2004500593A/ja active Pending
  • 2000-10-05 DE DE10083045T patent/DE10083045D2/de not_active Expired - Lifetime
  • 2000-10-05 US US10/089,990 patent/US7386728B1/en not_active Expired - Fee Related
  • 2000-10-05 EP EP00982951.6A patent/EP1222512B1/de not_active Expired - Lifetime
  • 2000-10-05 NZ NZ518161A patent/NZ518161A/en unknown

Also Published As

Similar Documents

Legal Events